To see the other types of publications on this topic, follow the link: Memory security.
Dissertations / Theses on the topic 'Memory security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Memory security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Talhi, Chamseddine. "Memory-Constrained Security Enforcement." Doctoral thesis, Québec : Université Laval, 2007. http://www.theses.ulaval.ca/2007/24434/24434.pdf.
Full text
2
Cadar, Cristian. "Enhancing availability and security through boundless memory blocks." Thesis, Massachusetts Institute of Technology, 2004. http://hdl.handle.net/1721.1/33123.
Full textAbstract:
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2004.<br>Includes bibliographical references (leaves 49-52).<br>We present a new technique, boundless memory blocks, that automatically eliminates buffer overflow errors, enabling programs to continue to execute through memory errors without memory corruption. Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the program to write beyond the bounds of an allocated memory block to corrupt other data structures. The standard way to exploit a buffer overflow vulnerability involves a request that is too large for the buffer intended to hold it. The buffer overflow error causes the program to write part of the request beyond the bounds of the buffer, corrupting the address space of the program and causing the program to execute injected code contained in the request. Our boundless memory blocks compiler inserts checks that dynamically detect all out of bounds accesses. When it detects an out of bounds write, it stores the value away in a hash. Our compiler can then return the stored value as the result of an out of bounds read to that address. In the case of uninitialized addresses, our compiler simply returns a predefined value. We have acquired several widely used open source applications (Apache, Sendmail, Pine, Mutt, and Midnight Commander). With standard compilers, all of these applications are vulnerable to buffer overflow attacks as documented at security tracking web sites. Instead, our compiler enables the applications to execute successfully through buffer overflow attacks to continue to correctly service user requests without security vulnerabilities. We have also found that only one application contains uninitialized reads, which means that in most cases, the net effect of our compiler is to (conceptually) give each allocated memory block unbounded size and to eliminate out of bounds accesses as a programming error.<br>by Cristian Cadar.<br>M.Eng.
3
Chuang, Weihaw. "Maintaining safe memory for security, debugging, and multi-threading." Connect to a 24 p. preview or request complete full text in PDF format. Access restricted to UC campuses, 2006. http://wwwlib.umi.com/cr/ucsd/fullcit?p3223012.
Full textAbstract:
Thesis (Ph. D.)--University of California, San Diego, 2006.<br>Title from first page of PDF file (viewed September 21, 2006). Available via ProQuest Digital Dissertations. Vita. Includes bibliographical references (p. 164-172).
4
Sylve, Joseph T. "Android Memory Capture and Applications for Security and Privacy." ScholarWorks@UNO, 2011. http://scholarworks.uno.edu/td/1400.
Full textAbstract:
The Android operating system is quickly becoming the most popular platform for mobiledevices. As Android’s use increases, so does the need for both forensic and privacy toolsdesigned for the platform. This thesis presents the first methodology and toolset for acquiringfull physical memory images from Android devices, a proposed methodology for forensicallysecuring both volatile and non-volatile storage, and details of a vulnerability discovered by theauthor that allows the bypass of the Android security model and enables applications to acquirearbitrary permissions.
5
Marco, Gisbert Héctor. "Cyber-security protection techniques to mitigate memory errors exploitation." Doctoral thesis, Universitat Politècnica de València, 2016. http://hdl.handle.net/10251/57806.
Full textAbstract:
[EN] Practical experience in software engineering has demonstrated that the goal of
building totally fault-free software systems, although desirable, is impossible
to achieve. Therefore, it is necessary to incorporate mitigation techniques in
the deployed software, in order to reduce the impact of latent faults.
This thesis makes contributions to three memory corruption mitigation
techniques: the stack smashing protector (SSP), address space layout
randomisation (ASLR) and automatic software diversification.
The SSP is a very effective protection technique used against stack buffer
overflows, but it is prone to brute force attacks, particularly the dangerous
byte-for-byte attack. A novel modification, named RenewSSP, has been proposed
which eliminates brute force attacks, can be used in a completely transparent
way with existing software and has negligible overheads. There are two
different kinds of application for which RenewSSP is especially beneficial:
networking servers (tested in Apache) and application launchers (tested on
Android).
ASLR is a generic concept with multiple designs and implementations. In this
thesis, the two most relevant ASLR implementations of Linux have been analysed
(Vanilla Linux and PaX patch), and several weaknesses have been found. Taking
into account technological improvements in execution support (compilers and
libraries), a new ASLR design has been proposed, named ASLR-NG, which
maximises entropy, effectively addresses the fragmentation issue and removes a
number of identified weaknesses. Furthermore, ASLR-NG is transparent to
applications, in that it preserves binary code compatibility and does not add
overheads. ASLR-NG has been implemented as a patch to the Linux kernel 4.1.
Software diversification is a technique that covers a wide range of faults,
including memory errors. The main problem is how to create variants,
i.e. programs which have identical behaviours on normal inputs but
where faults manifest differently. A novel form of automatic variant
generation has been proposed, using multiple cross-compiler suites and
processor emulators.
One of the main goals of this thesis is to create applicable results.
Therefore, I have placed particular emphasis on the development of real
prototypes in parallel with the theoretical study. The results of this thesis
are directly applicable to real systems; in fact, some of the results have
already been included in real-world products.<br>[ES] La creación de software supone uno de los retos más complejos para el
ser humano ya que requiere un alto grado de abstracción. Aunque se ha
avanzado mucho en las metodologías para la prevención de los fallos
software, es patente que el software resultante dista mucho de ser
confiable, y debemos asumir que el software que se produce no está
libre de fallos. Dada la imposibilidad de diseñar o implementar
sistemas libres de fallos, es necesario incorporar técnicas de
mitigación de errores para mejorar la seguridad.
La presente tesis realiza aportaciones en tres de las principales
técnicas de mitigación de errores de corrupción de memoria: Stack
Smashing Protector (SSP), Address Space Layout Randomisation (ASLR) y
Automatic Software Diversification.
SSP es una técnica de protección muy efectiva contra
ataques de desbordamiento de buffer en pila, pero es sensible a ataques de
fuerza bruta, en particular al peligroso ataque denominado byte-for-byte.
Se ha propuesto una novedosa modificación del SSP, llamada RenewSSP,
la cual elimina los ataques de fuerza bruta. Puede ser usada
de manera completamente transparente con los programas existentes sin
introducir sobrecarga. El RenewSSP es especialmente beneficioso en dos áreas de
aplicación: Servidores de red (probado en Apache) y
lanzadores de aplicaciones eficientes (probado en Android).
ASLR es un concepto genérico, del cual hay multitud de diseños e
implementaciones. Se han analizado las dos implementaciones más
relevantes de Linux (Vanilla Linux y PaX patch), encontrándose en
ambas tanto debilidades como elementos mejorables. Teniendo en cuenta
las mejoras tecnológicas en el soporte a la ejecución (compiladores y
librerías), se ha propuesto un nuevo diseño del ASLR, llamado
ASLR-NG, el cual: maximiza la entropía, soluciona el problema de la
fragmentación y elimina las debilidades encontradas. Al igual que la
solución propuesta para el SSP, la nueva propuesta de ASLR es
transparente para las aplicaciones y compatible a nivel
binario sin introducir sobrecarga. ASLR-NG ha sido implementado como
un parche del núcleo de Linux para la versión 4.1.
La diversificación software es una técnica que cubre una amplia gama
de fallos, incluidos los errores de memoria. La principal dificultad
para aplicar esta técnica radica en la generación de las
"variantes", que son programas que tienen un comportamiento idéntico
entre ellos ante entradas normales, pero tienen un comportamiento
diferenciado en presencia de entradas anormales. Se ha propuesto una
novedosa forma de generar variantes de forma automática a partir de un
mismo código fuente, empleando la emulación de sistemas.
Una de las máximas de esta investigación ha sido la aplicabilidad de
los resultados, por lo que se ha hecho especial hincapié en el
desarrollo de prototipos sobre sistemas reales a la par que se llevaba
a cabo el estudio teórico. Como resultado, las propuestas de esta
tesis son directamente aplicables a sistemas reales, algunas de ellas
ya están siendo explotadas en la práctica.<br>[CAT] La creació de programari suposa un dels reptes més complexos per al ser humà ja
que requerix un alt grau d'abstracció. Encara que s'ha avançat molt en les
metodologies per a la prevenció de les fallades de programari, és palès que el
programari resultant dista molt de ser confiable, i hem d'assumir que el
programari que es produïx no està lliure de fallades. Donada la impossibilitat
de dissenyar o implementar sistemes lliures de fallades, és necessari
incorporar tècniques de mitigació d'errors per a millorar la seguretat.
La present tesi realitza aportacions en tres de les principals tècniques de
mitigació d'errors de corrupció de memòria: Stack Smashing Protector (SSP),
Address Space Layout Randomisation (ASLR) i Automatic Software
Diversification.
SSP és una tècnica de protecció molt efectiva contra atacs de desbordament de
buffer en pila, però és sensible a atacs de força bruta, en particular al
perillós atac denominat byte-for-byte.
S'ha proposat una nova modificació del SSP, RenewSSP, la qual elimina els atacs
de força bruta. Pot ser usada de manera completament transparent amb els
programes existents sense introduir sobrecàrrega. El RenewSSP és especialment
beneficiós en dos àrees d'aplicació: servidors de xarxa (provat en Apache) i
llançadors d'aplicacions eficients (provat en Android).
ASLR és un concepte genèric, del qual hi ha multitud de dissenys i
implementacions. S'han analitzat les dos implementacions més rellevants de
Linux (Vanilla Linux i PaX patch), trobant-se en ambdues tant debilitats com
elements millorables. Tenint en compte les millores tecnològiques en el suport
a l'execució (compiladors i llibreries), s'ha proposat un nou disseny de
l'ASLR: ASLR-NG, el qual, maximitza l'entropia, soluciona el problema de
la fragmentació i elimina les debilitats trobades. Igual que la solució
proposada per al SSP, la nova proposta d'ASLR és transparent per a les
aplicacions i compatible a nivell binari sense introduir sobrecàrrega. ASLR-NG
ha sigut implementat com un pedaç del nucli de Linux per a la versió 4.1.
La diversificació de programari és una tècnica que cobrix una àmplia gamma de
fa\-llades, inclosos els errors de memòria. La principal dificultat per a aplicar
esta tècnica radica en la generació de les "variants", que són programes que
tenen un comportament idèntic entre ells davant d'entrades normals, però tenen
un comportament diferenciat en presència d'entrades anormals. S'ha proposat una
nova forma de generar variants de forma automàtica a partir d'un mateix codi
font, emprant l'emulació de sistemes.
Una de les màximes d'esta investigació ha sigut l'aplicabilitat dels resultats,
per la qual cosa s'ha fet especial insistència en el desenrotllament de
prototips sobre sistemes reals al mateix temps que es duia a terme l'estudi
teòric. Com a resultat, les propostes d'esta tesi són directament aplicables
a sistemes reals, algunes d'elles ja estan sent explotades en la pràctica.<br>Marco Gisbert, H. (2015). Cyber-security protection techniques to mitigate memory errors exploitation [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/57806<br>TESIS
6
Govindaraj, Rekha. "Emerging Non-Volatile Memory Technologies for Computing and Security." Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7674.
Full textAbstract:
With CMOS technology scaling reaching its limitations rigorous research of alternate and competent technologies is paramount to push the boundaries of computing. Spintronic and resistive memories have proven to be effective alternatives in terms of area, power and performance to CMOS because of their non-volatility, ability for logic computing and easy integration with CMOS. However, deeper investigations to understand their physical phenomenon and improve their properties such as writability, stability, reliability, endurance, uniformity with minimal device-device variations is necessary for deployment as memories in commercial applications. Application of these technologies beyond memory and logic are investigated in this thesis i.e. for security of integrated circuits and systems and special purpose memories. We proposed a spintonic based special purpose memory for search applications, present design analysis and techniques to improve the performance for larger word lengths upto 256 bits. Salient characteristics of RRAM is studied and exploited in the design of widely accepted hardware security primitives such as Physically Unclonable Function (PUF) and True Random Number Generators (TRNG). Vulnerability of these circuits to adversary attacks and countermeasures are proposed. Proposed PUF can be implemented within 1T-1R conventional memory architecture which offers area advantages compared to RRAM memory and cross bar array PUFs with huge number of challenge response pairs. Potential application of proposed strong arbiter PUF in the Internet of things is proposed and performance is evaluated theoretically with valid assumptions on the maturity of RRAM technology. Proposed TRNG effectively utilizes the random telegraph noise in RRAM current to generate random bit stream. TRNG is evaluated for sufficient randomness in the random bit stream generated. Vulnerability and countermeasures to adversary attacks are also studied. Finally, in thesis we investigated and extended the application of emerging non-volatile memory technologies for search and security in integrated circuits and systems.
7
Veca, Matthew. "Extracting Windows event logs using memory forensics." ScholarWorks@UNO, 2015. http://scholarworks.uno.edu/td/2119.
Full textAbstract:
Abstract Microsoft’s Windows Operating System provides a logging service that collects, filters and stores event messages from the kernel and applications into log files (.evt and .evtx). Volatility, the leading open source advanced memory forensic suite, currently allows users to extract these events from memory dumps of Windows XP and Windows 2003 machines. Currently there is no support for users to extract the event logs (.evtx) from Windows Vista, Win7 or Win8 memory dumps, and Volatility users have to rely on outside software in order to do this. This thesis discusses a newly developed evtxlogs.py plugin for Volatility, which allows users the same functionality with Windows Vista, Win7 and Win8 that they had with Windows XP and Win 2003’s evtlogs.py plugin. The plugin is based on existing mechanisms for parsing Windows Vista-format event logs, but adds fully integrated support for these logs to Volatility.
8
Babecki, Christopher. "A Memory-Array Centric Reconfigurable Hardware Accelerator for Security Applications." Case Western Reserve University School of Graduate Studies / OhioLINK, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=case1427381331.
Full text
9
Pettersson, Stefan. "Visualizing Endpoint Security Technologies using Attack Trees." Thesis, Linköping University, Department of Computer and Information Science, 2008. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-15509.
Full textAbstract:
<p>Software vulnerabilities in programs and malware deployments have been increasing almost every year since we started measuring them. Information about how to program securely, how malware shall be avoided and technological countermeasures for this are more available than ever. Still, the trend seems to favor the attacker. This thesis tries to visualize the effects of a selection of technological countermeasures that have been proposed by researchers. These countermeasures: non-executable memory, address randomization, system call interception and file integrity monitoring are described along with the attacks they are designed to defend against. The coverage of each countermeasure is then visualized with the help of attack trees. Attack trees are normally used for describing how systems can be attacked but here they instead serve the purpose of showing where in an attack a countermeasure takes effect. Using attack trees for this highlights a couple of important aspects of a security mechanism, such as how early in an attack it is effective and which variants of an attack it potentially defends against. This is done by the use of what we call defensive codes that describe how a defense mechanism counters a sub-goal in an attack. Unfortunately the whole process is not well formalized and depends on many uncertain factors.</p>
10
Payne, Bryan D. "Improving host-based computer security using secure active monitoring and memory analysis." Diss., Georgia Institute of Technology, 2010. http://hdl.handle.net/1853/34852.
Full textAbstract:
Thirty years ago, research in designing operating systems to defeat malicious software was very popular. The primary technique was to design and implement a small security kernel that could provide security assurances to the rest of the system. However, as operating systems grew in size throughout the 1980's and 1990's, research into security kernels slowly waned. From a security perspective, the story was bleak. Providing security to one of these large operating systems typically required running software within that operating system. This weak security foundation made it relatively easy for attackers to subvert the entire system without detection.
The research presented in this thesis aims to reimagine how we design and deploy computer systems. We show that through careful use of virtualization technology, one can effectively isolate the security critical components in a system from malicious software. Furthermore, we can control this isolation to allow the security software a complete view to monitor the running system. This view includes all of the necessary information for implementing useful security applications including the system memory, storage, hardware events, and network traffic. In addition, we show how to perform both passive and active monitoring securely, using this new system architecture.
Security applications must be redesigned to work within this new monitoring architecture. The data acquired through our monitoring is typically very low-level and difficult to use directly. In this thesis, we describe work that helps bridge this semantic gap by locating data structures within the memory of a running virtual machine. We also describe work that shows a useful and novel security framework made possible through this new monitoring architecture. This framework correlates human interaction with the system to distinguish legitimate and malicious outgoing network traffic.
11
Yan, Chenyu. "Architectural support for improving security and performance of memory sub-systems." Diss., Atlanta, Ga. : Georgia Institute of Technology, 2008. http://hdl.handle.net/1853/26663.
Full textAbstract:
Thesis (Ph.D)--Computing, Georgia Institute of Technology, 2009.<br>Committee Chair: Milos Prvulovic; Committee Member: Gabriel Loh; Committee Member: Hyesoon Kim; Committee Member: Umakishore Ramachandran; Committee Member: Yan Solihin. Part of the SMARTech Electronic Thesis and Dissertation Collection.
12
Vaslin, Romain. "Hardware core for off-chip memory security management in embedded system." Lorient, 2008. http://www.theses.fr/2008LORIS119.
Full textAbstract:
Nous proposons une architecture matérielle sécurisée du démarrage du système en passant par l'exécution des applications jusqu'à sa mise àjour sur le terrain. Une nouvelle technique afin de garantir la confidentialité et l'intégrité des données en mémoires est présentée et évaluée dans un premier temp L'architecture proposée est alors étendue avec de nouvelles fonctionnalités qui permettent de gérer à la volée le niveau de sécurité spécifique à la donnée. Ceci ayant pour but de minimiser au maximum les coûts engendrés par la sécurité et notamment la surface, la performance, la consommation mémoire et e��nergétique de l'architecture. Cette base étant évaluée au traves de différentes applications temps réel s'exécutant sur l'architecture sécurisée, l'étape suivante est la mise en oeuvre complète d'un système. Pour cela une méthode de démarrage sécurisée est également proposée afin de lancer les applications depuis une mémoire flash. D'autre mécanismes sont également introduits afin de permettre une mise à jour des applications contenues dans la flash et leur exécution par la suite sur l'architecture sécurisée. L'ensemble des résultats générés ont pour but de montrer que la solution proposée correspond aux besoins et aux capacités des systèmes embarqués. Pour la première fois le coût de la sécurité a été évalué sur l'ensemble des caractéristiques spécifiques au domaine des systèmes embarqués (surface, performance, consommation mémoire et énergétique) pour une chaine totalement sécurisée<br>We offer a secure hardware architecture for system boot up, secure software execution and on field update. A new scheme is presented to guarantee dat confidentiality and integrity for off-chip memories. The architecture capabilities are extended to support on the fly security level management of data. The goal is to minimize the overhead due to security like logic area, performance, memory footprint and power consumption for the architecture. After careful evaluation through real time applications execution with this secure architecture, the next step was to provide an end to end solution. Toward th solution, a secure boot up mechanism is proposed in order to securely start applications from a flash memory. More techniques are also introduced to allow on field software update for later secure execution with the architecture. A complete set ofresults has been generated in order to underline the fact that the proposed solution matches with the current needs and constraints of embedded systems. For the first time the security cost in area, performance, memory and power has been evaluated for embedded systems with an end to end solution
13
Seong, Nak Hee. "A reliable, secure phase-change memory as a main memory." Diss., Georgia Institute of Technology, 2012. http://hdl.handle.net/1853/50123.
Full textAbstract:
The main objective of this research is to provide an efficient and reliable method for using multi-level cell (MLC) phase-change memory (PCM) as a main memory. As DRAM scaling approaches the physical limit, alternative memory technologies are being explored for future computing systems. Among them, PCM is the most mature with announced commercial products for NOR flash replacement. Its fast access latency and scalability have led researchers to investigate PCM as a feasible candidate for DRAM replacement. Moreover, the multi-level potential of PCM cells can enhance the scalability by increasing the number of bits stored in a cell. However, the two major challenges for adopting MLC PCM are the limited write endurance cycle and the resistance drift issue. To alleviate the negative impact of the limited write endurance cycle, this thesis first introduces a secure wear-leveling scheme called Security Refresh. In the study, this thesis argues that a PCM design not only has to consider normal wear-out under normal application behavior, most importantly, it must take the worst-case scenario into account with the presence of malicious exploits and a compromised OS to address the durability and security issues simultaneously. Security Refresh can avoid information leak by constantly migrating their physical locations inside the PCM, obfuscating the actual data placement from users and system software. In addition to the secure wear-leveling scheme, this thesis also proposes SAFER, a hardware-efficient multi-bit stuck-at-fault error recovery scheme which can function in conjunction with existing wear-leveling techniques. The limited write endurance leads to wear-out related permanent failures, and furthermore, technology scaling increases the variation in cell lifetime resulting in early failures of many cells. SAFER exploits the key attribute that a failed cell with a stuck-at value is still readable, making it possible to continue to use the failed cell to store data; thereby reducing the hardware overhead for error recovery. Another approach that this thesis proposes to address the lower write endurance is a hybrid phase-change memory architecture that can dynamically classify, detect, and isolate frequent writes from accessing the phase-change memory. This proposed architecture employs a small SRAM-based Isolation Cache with a detection mechanism based on a multi-dimensional Bloom filter and a binary classifier. The techniques are orthogonal to and can be combined with other wear-out management schemes to obtain a synergistic result. Lastly, this thesis quantitatively studies the current art for MLC PCM in dealing with the resistance drift problem and shows that the previous techniques such as scrubbing or error correction schemes are incapable of providing sufficient level of reliability. Then, this thesis proposes tri-level-cell (3LC) PCM and demonstrates that 3LC PCM can be a viable solution to achieve the soft error rate of DRAM and the performance of single-level-cell PCM.
14
Andrade, Ewerton Rodrigues. "Lyra2: password hashing scheme with improved security against time-memory trade-offs." Universidade de São Paulo, 2016. http://www.teses.usp.br/teses/disponiveis/3/3141/tde-26082016-150620/.
Full textAbstract:
To protect against brute force attacks, modern password-based authentication systems usually employ mechanisms known as Password Hashing Schemes (PHS). Basically, a PHS is a cryptographic algorithm that generates a sequence of pseudorandom bits from a user-defined password, allowing the user to configure the computational costs involved in the process aiming to raise the costs of attackers testing multiple passwords trying to guess the correct one. Traditional schemes such as PBKDF2 and bcrypt, for example, include a configurable parameter that controls the number of iterations performed, allowing the user to adjust the time required by the password hashing process. The more recent scrypt and Lyra algorithms, on the other hand, allow users to control both processing time and memory usage. Despite these advances, there is still considerable interest by the research community in the development of new (and better) alternatives. Indeed, this led to the creation of a competition with this specific purpose, the Password Hashing Competition (PHC). In this context, the goal of this research effort is to propose a superior PHS alternative. Specifically, the objective is to improve the Lyra algorithm, a PHS built upon cryptographic sponges whose project counted with the authors\' participation. The resulting solution, called Lyra2, preserves the security, efficiency and flexibility of Lyra, including: the ability to configure the desired amount of memory and processing time to be used by the algorithm; and (2) the capacity of providing a high memory usage with a processing time similar to that obtained with scrypt. In addition, it brings important improvements when compared to its predecessor: (1) it allows a higher security level against attack venues involving time-memory trade-offs; (2) it includes tweaks for increasing the costs involved in the construction of dedicated hardware to attack the algorithm; (3) it balances resistance against side-channel threats and attacks relying on cheaper (and, hence, slower) storage devices. Besides describing the algorithm\'s design rationale in detail, this work also includes a detailed analysis of its security and performance in different platforms. It is worth mentioning that Lyra2, as hereby described, received a special recognition in the aforementioned PHC competition.<br>Para proteger-se de ataques de força bruta, sistemas modernos de autenticação baseados em senhas geralmente empregam algum Esquema de Hash de Senhas (Password Hashing Scheme - PHS). Basicamente, um PHS é um algoritmo criptográfico que gera uma sequência de bits pseudo-aleatórios a partir de uma senha provida pelo usuário, permitindo a este último configurar o custo computacional envolvido no processo e, assim, potencialmente elevar os custos de atacantes testando múltiplas senhas em paralelo. Esquemas tradicionais utilizados para esse propósito são o PBKDF2 e bcrypt, por exemplo, que incluem um parâmetro configurável que controla o número de iterações realizadas pelo algoritmo, permitindo ajustar-se o seu tempo total de processamento. Já os algoritmos scrypt e Lyra, mais recentes, permitem que usuários não apenas controlem o tempo de processamento, mas também a quantidade de memória necessária para testar uma senha. Apesar desses avanços, ainda há um interesse considerável da comunidade de pesquisa no desenvolvimento e avaliação de novas (e melhores) alternativas. De fato, tal interesse levou recentemente à criação de uma competição com esta finalidade específica, a Password Hashing Competition (PHC). Neste contexto, o objetivo do presente trabalho é propor uma alternativa superior aos PHS existentes. Especificamente, tem-se como alvo melhorar o algoritmo Lyra, um PHS baseado em esponjas criptográficas cujo projeto contou com a participação dos autores do presente trabalho. O algoritmo resultante, denominado Lyra2, preserva a segurança, eficiência e flexibilidade do Lyra, incluindo a habilidade de configurar do uso de memória e tempo de processamento do algoritmo, e também a capacidade de prover um uso de memória superior ao do scrypt com um tempo de processamento similar. Entretanto, ele traz importantes melhorias quando comparado ao seu predecessor: (1) permite um maior nível de segurança contra estratégias de ataque envolvendo trade-offs entre tempo de processamento e memória; (2) inclui a possibilidade de elevar os custos envolvidos na construção de plataformas de hardware dedicado para ataques contra o algoritmo; (3) e provê um equilíbrio entre resistância contra ataques de canal colateral (\"side-channel\") e ataques que se baseiam no uso de dispositivos de memória mais baratos (e, portanto, mais lentos) do que os utilizados em computadores controlados por usuários legítimos. Além da descrição detalhada do projeto do algoritmo, o presente trabalho inclui também uma análise detalhada de sua segurança e de seu desempenho em diferentes plataformas. Cabe notar que o Lyra2, conforme aqui descrito, recebeu uma menção de reconhecimento especial ao final da competição PHC previamente mencionada.
15
Trikalinou, Anna. "AMYNA: A Security Generator and Performance Estimator Framework Against Memory-Based Attacks." Wright State University / OhioLINK, 2014. http://rave.ohiolink.edu/etdc/view?acc_num=wright1418998019.
Full text
16
Kiriansky, Vladimir L. (Vladimir Lubenov) 1979. "Improving performance and security of indirect memory references on speculative execution machines." Thesis, Massachusetts Institute of Technology, 2019. https://hdl.handle.net/1721.1/122556.
Full textAbstract:
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2019<br>Cataloged from PDF version of thesis.<br>Includes bibliographical references (pages 123-139).<br>Indirect memory references hobble efficient and secure execution on current processor architectures. Traditional hardware techniques such as caches and speculative execution are ineffective on demanding workloads, such as in-memory databases, machine learning, and graph analytics. While terabytes of DRAM are now available in public cloud machines, indirect memory references in large working sets often incur the full penalty of a random DRAM access. Furthermore, caches and speculative execution enable the recently discovered Spectre family of side-channel attacks, which allow untrusted neighbors in a public cloud to steal secrets. In this thesis, we introduce complementary software and hardware techniques to improve the performance of caches and speculative execution, and to block the largest attack class with low overhead. MILK is our C++ extension to improve data cache locality.<br>Milk's programming model preserves parallel program semantics and maps well to the Bulk-Synchronous Parallel (BSP) theoretical model. Within a BSP superstep, which may encompass billions of memory references, Milk captures the temporal and spatial locality of ideal infinite caches on real hardware and provides up to 4x speedup. CIMPLE is our domain specific language (DSL) to improve the effectiveness of speculative execution in discovering instruction level parallelism and memory level parallelism. Improving memory parallelism on current CPUs allows up to ten memory references in parallel to reduce the effective DRAM latency. Speculative execution is constrained by branch predictor effectiveness and can only uncover independent accesses within the hardware limits of instruction windows (up to 100 instructions). With Cimple, interleaved co-routines expose instruction and memory level parallelism close to ideal hardware with unlimited instruction windows and perfect predictors.<br>On in-memory database index data structures, Cimple achieves up to 6x speedup. DAWG is our secure cache architecture that prevents leaks via measuring the cache effects of speculative indirect memory references. Unlike performance isolation mechanisms such as Intel's Cache Allocation Technology (CAT), DAWG blocks both speculative and non-speculative side-channels by isolating cache protection domains. DAWG incurs no overhead over CAT for isolation in public clouds. DAWG also enables OS isolation with efficient sharing and communication via caches, e.g., in system calls.<br>by Vladimir Kiriansky.<br>Ph. D.<br>Ph.D. Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science
17
Peters, Timothy M. "DEFY: A Deniable File System for Flash Memory." DigitalCommons@CalPoly, 2014. https://digitalcommons.calpoly.edu/theses/1230.
Full textAbstract:
While solutions for file system encryption can prevent an adversary from determining the contents of files, in situations where a user wishes to hide even the existence of data, encryption alone is not enough. Indeed, encryption may draw attention to those files, as they most likely contain information the user wishes to keep secret, and coercion can be a very strong motivator for the owner of an encrypted file system to surrender their secret key.
Herein we present DEFY, a deniable file system designed to work exclusively with solid-state drives, particularly those found in mobile devices. Solid-state drives have unique properties that render previous deniable file system designs impractical or insecure. Further, DEFY provides features not offered by any single prior work, including: support for multiple layers of deniability, authenticated encryption, and an ability to quickly and securely delete data from the device. We have implemented a prototype based on the YAFFS and WhisperYaffs file systems. An evaluation shows DEFY performs comparatively with WhisperYaffs.
18
Case, Andrew. "Detecting Objective-C Malware through Memory Forensics." ScholarWorks@UNO, 2016. http://scholarworks.uno.edu/td/2132.
Full textAbstract:
Memory forensics is increasingly used to detect and analyze sophisticated malware. In the last decade, major advances in memory forensics have made analysis of kernel-level malware straightforward. Kernel-level malware has been favored by attackers because it essentially provides complete control over a machine. This has changed recently as operating systems vendors now routinely enforce driving signing and strategies for protecting kernel data, such as Patch Guard, have made userland attacks much more attractive to malware authors.
In this thesis, new techniques for detecting userland malware written in Objective-C on Mac OS X are presented. As the thesis illustrates, Objective-C provides a rich set of APIs that malware uses to manipulate and steal data and to perform other malicious activities. The novel memory forensics techniques presented in this thesis deeply examine the state of the Objective-C runtime, identifying a number of suspicious activities, from keystroke logging to pointer swizzling.
19
Chaulagain, Dewan. "Hybrid Analysis of Android Applications for Security Vetting." Bowling Green State University / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=bgsu1555608766287613.
Full text
20
Nemati, Hamed. "Secure System Virtualization : End-to-End Verification of Memory Isolation." Doctoral thesis, KTH, Teoretisk datalogi, TCS, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-213030.
Full textAbstract:
Over the last years, security-kernels have played a promising role in reshaping the landscape of platform security on embedded devices. Security-kernels, such as separation kernels, enable constructing high-assurance mixed-criticality execution platforms on a small TCB, which enforces isolation between components. The reduced TCB minimizes the system attack surface and facilitates the use of formal methods to ensure the kernel functional correctness and security. In this thesis, we explore various aspects of building a provably secure separation kernel using virtualization technology. We show how the memory management subsystem can be virtualized to enforce isolation of system components. Virtualization is done using direct-paging that enables a guest software to manage its own memory configuration. We demonstrate the soundness of our approach by verifying that the high-level model of the system fulfills the desired security properties. Through refinement, we then propagate these properties (semi-)automatically to the machine-code of the virtualization mechanism. Further, we show how a runtime monitor can be securely deployed alongside a Linux guest on a hypervisor to prevent code injection attacks targeting Linux. The monitor takes advantage of the provided separation to protect itself and to retain a complete view of the guest. Separating components using a low-level software cannot by itself guarantee the system security. Indeed, current processors architecture involves features that can be utilized to violate the isolation of components. We present a new low-noise attack vector constructed by measuring caches effects which is capable of breaching isolation of components and invalidates the verification of a software that has been verified on a memory coherent model. To restore isolation, we provide several countermeasures and propose a methodology to repair the verification by including data-caches in the statement of the top-level security properties of the system.<br><p>QC 20170831</p><br>PROSPER<br>HASPOC
21
Priyanimal, Karunanayake Dinidu. "GEOPOLITICS OF FORGERY: LITERATURE, CULTURE AND MEMORY OF THE POSTCOLONIAL SOUTH ASIAN SECURITY STATE." Miami University / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=miami156354614875673.
Full text
22
Young, Vinson. "Hardware-assisted security: bloom cache – scalable low-overhead control flow integrity checking." Thesis, Georgia Institute of Technology, 2014. http://hdl.handle.net/1853/53994.
Full textAbstract:
Computers were not built with security in mind. As such, security has and still often takes a back seat to performance. However, in an era where there is so much sensitive data being stored, with cloud storage and huge customer databases, much has to be done to keep this data safe from intruders.
Control flow hijacking attacks, stemming from a basic code injection attack to return-into-libc and other code re-use attacks, are among the most dangerous attacks. Currently available solutions, like Data execution prevention that can prevent a user from executing writable pages to prevent code injection attacks, do not have an efficient solution for protecting against code re-use attacks, which can execute valid code in a malicious order.
To protect against control flow hijacking attacks, this work proposes architecture to make Control Flow Integrity, a solution that proposes to validate control flow against pre-computed control flow graph, practical. Current implementations of Control Flow Integrity have problems with code modularity, performance, or scalability, so I propose Dynamic Bloom Cache, a blocked-Bloom-filter-based approach, to solve current implementation issues.
23
Shi, Weidong. "Architectural Support for Protecting Memory Integrity and Confidentiality." Diss., Georgia Institute of Technology, 2006. http://hdl.handle.net/1853/11460.
Full textAbstract:
This dissertation describes efficient design of tamper-resistant secure processor and cryptographic memory protection model that will strength security of a computing system. The thesis proposes certain cryptographic and security features integrated into the general purpose processor and computing platform to protect confidentiality and integrity of digital content stored in a computing system's memory. System designers can take advantages of the availability of the proposed security model to build future security systems such as systems with strong anti-reverse engineering capability, digital content protection system, or trusted computing system with strong tamper-proof protection.
The thesis explores architecture level optimizations and design trade-offs for supporting high performance tamper-resistant memory model and micro-processor architecture. It expands the research of the previous studies on tamper-resistant processor design on several fronts. It offers some new architecture and design optimization techniques to further reduce the overhead of memory protection over the previous approaches documented in the literature. Those techniques include prediction based memory decryption and efficient memory integrity verification approaches. It compares different encryption modes applicable to memory protection and evaluates their pros and cons. In addition, the thesis tries to solve some of the security issues that have been largely ignored in the prior art. It presents a detailed investigation of how to integrate confidentiality protection and integrity protection into the out-of-order processor architecture both efficiently and securely. Furthermore, the thesis also expands the coverage of protection from single processor to multi-processor.
24
Kong, Jingfei. "ARCHITECTURAL SUPPORT FOR IMPROVING COMPUTER SECURITY." Doctoral diss., University of Central Florida, 2010. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/2610.
Full textAbstract:
Computer security and privacy are becoming extremely important nowadays. The task of protecting computer systems from malicious attacks and potential subsequent catastrophic losses is, however, challenged by the ever increasing complexity and size of modern hardware and software design. We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as performance efficiency. In our first approach, we propose a new dynamic information flow method to protect systems from popular software attacks such as buffer overflow and format string attacks. In our second approach, we propose to deploy encryption schemes to protect the privacy of an emerging non-volatile main memory technology  phase change memory (PCM). The negative impact of the encryption schemes on PCM lifetime is evaluated and new methods including a new encryption counter scheme and an efficient error correct code (ECC) management are proposed to improve PCM lifetime. In our third approach, we deconstruct two previously proposed secure cache designs against software data-cache-based side channel attacks and demonstrate their weaknesses. We propose three hardware-software integrated approaches as secure protections against those data cache attacks. Also we propose to apply them to protect instruction caches from similar threats. Furthermore, we propose a simple change to the update policy of Branch Target Buffer (BTB) to defend against BTB attacks. Our experiments show that our proposed schemes are both security effective and performance efficient.<br>Ph.D.<br>School of Electrical Engineering and Computer Science<br>Engineering and Computer Science<br>Computer Science PhD
25
McConnell, William Charles. "Visualizing Memory Utilization for the Purpose of Vulnerability Analysis." Thesis, Virginia Tech, 2008. http://hdl.handle.net/10919/33382.
Full textAbstract:
The expansion of the internet over recent years has resulted in an increase in digital attacks on computers. Most attacks, including the more dangerous ones, directly target program vulnerabilities. The increase in attacks has prompted a need to develop new ways to classify, detect, and avoid vulnerabilities. The effectiveness of these goals relies on the development of new methods and tools that facilitate the process of detecting vulnerabilities and exploits.
This thesis presents the development of a tool that provides a visual representation of main memory for the purpose of security analysis. The tool provides new insight into memory utilization by software; users are able to see memory utilization as execution time progression, visually distinguish between memory behaviors (allocations, writes, etc), and visually observe special relationships between memory locations. The insight enables users to search for visual evidence that software is vulnerable, violated, or utilizing memory incorrectly.
The development process for our visual tool has three stages: (1) identifying the memory utilization policies of the Windows 32-bit operating system; (2) identifying the data required for visual representations of memory and then implementing one possible method to capture the data; and (3) enumerating and implementing requirements for a memory tool that generates visual representations of memory for the purpose of vulnerability and exploit analysis.<br>Master of Science
26
Morrison, Matthew Arthur. "Theory, Synthesis, and Application of Adiabatic and Reversible Logic Circuits For Security Applications." Scholar Commons, 2013. https://scholarcommons.usf.edu/etd/5082.
Full textAbstract:
Programmable reversible logic is emerging as a prospective logic design style for implementation in modern nanotechnology and quantum computing with minimal impact on circuit heat generation. Adiabatic logic is a design methodology for reversible logic in CMOS where the current flow through the circuit is controlled such that the energy dissipation due to switching and capacitor dissipation is minimized. Recent advances in reversible logic using and quantum computer algorithms allow for improved computer architectures. Production of cost-effective Secure Integrated Chips, such as Smart Cards, requires hardware designers to consider tradeoffs in size, security, and power consumption. In order to design successful security-centric designs, the low-level hardware must contain built-in protection mechanisms to supplement cryptographic algorithms such as AES and Triple DES by preventing side channel attacks, such as Differential Power Analysis (DPA). Dynamic logic obfuscates the output waveforms and the circuit operation, reducing the effectiveness of the DPA attack. Significant research exists in the design and analysis of locally optimal adiabatic elements towards mitigation of side channel attacks. However, none of these works have addressed the use of adiabatic logic in implementation of flexible and programmable hardware security policies. Nor has adiabatic logic been employed in hardware security applications such as trustworthy voting systems and data encryption standards.
In this dissertation, I address theory, synthesis, and application of adiabatic and reversible logic circuits for security applications. First, two major debates in reversible computing are addressed. These debates must be addressed in order to devise computational logic primitives in
any emerging quantum computing technology. First, we address whether charged based computing is limited due to the use of charge as a state variable. We propose the use of body biasing in CMOS adiabatic systems as a design methodology for reducing the need for gradually changing the energy barriers. Simulation results in HSPICE at 22nm are presented which show behavior of a source-memory device operating at sub-Landauer operation. Second, we address whether reversible logic can be used to design sequential computing structures, such as memory devices. we present an analysis of Quantum Turing Machines with sequential reversible logic structures, to show that the entropy gain is substantially less than the Landauer Barrier of kTln(2), which is the limiting factor for irreversible computing. A mathematical proof is presented showing bit erasure does not occur in sequential reversible logic structures, and that these devices are physically reversible as long as appropriate delay elements are inserted in the feedback paths to prevent race conditions. This proof validates implementation of sequential reversible logic towards ultra-low power computing.
Next, a novel algorithm for synthesis of adiabatic circuits in CMOS is proposed. This approach is unique because it correlates the offsets in the permutation matrix to the transistors required for synthesis, instead of determining an equivalent circuit and substituting a previously synthesized circuit from a library. Parallelism is used, and the bijective properties of the device to achieve synthesis of the logic structure in O(n) time. Then, using the ESPRESSO heuristic for minimization of Boolean functions method on each output node in parallel, we optimize the synthesized circuit. It is demonstrated that the algorithm produces a 32.86% improvement over previously synthesized circuit benchmarks.
For stronger mitigation of DPA attacks, we propose the implementation of Adiabatic Dynamic Differential Logic for applications in secure IC design. Such an approach is effective in reducing power consumption, demonstrated using HSPICE simulations with 22nm predictive technology. The benefits of our design are demonstrated by comparing instantaneous power waveforms and observing the magnitude of differential power spikes during switching events. First, simulation results for body-biasing on sub-threshold adiabatic inverters show an improvement in differential power up to 43.28% for similar inverters without body biasing. Then, a High Performance Adiabatic Dynamic Differential Logic (PADDL) is presented for an implementation in high frequency secure ICs. This method improves the differential power over previous dynamic and differential logic methods by up to 89.65%. Finally, we propose a Body-Biased Adiabatic Dynamic Differential Logic (BADDL) for ultra-low power applications. Simulation results show that the differential power was improved upon by a factor of 199.16.
Then, we present an adiabatic S-box which significantly reduces energy imbalance compared to previous benchmarks. The design is capable of forward encryption and reverse decryption with minimal overhead, allowing for efficient hardware reuse.
27
Sylve, Joseph T. "Towards Real-Time Volatile Memory Forensics: Frameworks, Methods, and Analysis." ScholarWorks@UNO, 2017. http://scholarworks.uno.edu/td/2359.
Full textAbstract:
Memory forensics (or memory analysis) is a relatively new approach to digital forensics that deals exclusively with the acquisition and analysis of volatile system memory. Because each function performed by an operating system must utilize system memory, analysis of this memory can often lead to a treasure trove of useful information for forensic analysts and incident responders. Today’s forensic investigators are often subject to large case backlogs, and incident responders must be able to quickly identify the source and cause of security breaches. In both these cases time is a critical factor. Unfortunately, today’s memory analysis tools can take many minutes or even hours to perform even simple analysis tasks. This problem will only become more prevalent as RAM prices continue to drop and systems with very large amounts of RAM become more common. Due to the volatile nature of data resident in system RAM it is also desirable for investigators to be able to access non-volatile copies of system RAM that may exist on a device’s hard drive. Such copies are often created by operating systems when a system is being suspended and placed into a power safe mode.
This dissertation presents work on improving the speed of memory analysis and the access to non-volatile copies of system RAM. Specifically, we propose a novel memory analysis framework that can provide access to valuable artifacts orders of magnitude faster than existing tools. We also propose two new analysis techniques that can provide faster and more resilient access to important forensic artifacts. Further, we present the first analysis of the hibernation file format used in modern versions of Windows. This work allows access to evidence in non-volatile copies of system RAM that were not previously able to be analyzed. Finally, we propose future enhancements to our memory analysis framework that should address limitations with the current design. Taken together, this dissertation represents substantial work towards advancing the field of memory forensics.
28
Kumar, Vasanth Sampangiramaiah. "In-circuit forensic analysis of IoT memory modules." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2024. https://ro.ecu.edu.au/theses/2806.
Full textAbstract:
Digital forensic investigation involves data acquisition from storage and memory devices including embedded memory, such as flash memory. In the age of IoT-connected systems, in which a typical crime scene often has several interconnected smart devices, chip-off analysis, the physical removal of a microchip from the circuitry for digital forensic acquisition, is time-consuming and can potentially lead to loss of data, even damage to the original memory chip involved in the alleged crime (due to the heat the chip is exposed to during the process). This study introduces a novel system-on-a-chip approach designed for rapid and non-intrusive data acquisition from IoT devices, addressing the limitations of traditional chip-off forensic techniques that often result in data loss and potential damage to memory chips. Utilizing a purpose-designed smart device, this method enables direct data retrieval from the microchip level, integrating seamlessly into a forensic toolkit to improve the speed and integrity of evidence gathering while maintaining the operational state of the device. The method places particular emphasis on physical data acquisition, essential for thorough analysis, including the recovery of deleted files and investigation of file tampering. The research develops a remote acquisition technique that accesses memory modules of diverse smart devices with minimal footprint, offering a device-agnostic solution that preserves data in its last functional state, thus enhancing evidence recovery. By ensuring the forensic soundness of the data extraction process, this innovative approach significantly advances digital forensics, enhancing both the integrity and admissibility of evidence in legal scenarios.
29
Chapman, Erin Elizabeth. "A Survey and Analysis of Solutions to the Oblivious Memory Access Problem." PDXScholar, 2012. https://pdxscholar.library.pdx.edu/open_access_etds/891.
Full textAbstract:
Despite the use of strong encryption schemes, one can still learn information about encrypted data using side channel attacks [2]. Watching what physical memory is being accessed can be such a side channel. One can hide this information by using oblivious simulation - hiding the true access pattern of a program. In this paper we will review the model behind oblivious simulation, attempt to formalize the problem and define a security game. We will review the major solutions pro- posed so far, the square root and hierarchical solutions, as well as propose a new variation on the square root solution. Additionally, we will show a new formalization for providing software protection by using an encryption scheme and oblivious simulation.
30
Bolignano, Pauline. "Formal models and verification of memory management in a hypervisor." Thesis, Rennes 1, 2017. http://www.theses.fr/2017REN1S026/document.
Full textAbstract:
Un hyperviseur est un logiciel qui virtualise les ressources d'une machine physique pour permettre à plusieurs systèmes d'exploitation invités de s'exécuter simultanément dessus. L'hyperviseur étant le gestionnaire des ressources, un bug peut être critique pour les systèmes invités. Dans cette thèse nous nous intéressons aux propriétés d'isolation de la mémoire d'un hyperviseur de type 1, qui virtualise la mémoire en utilisant des Shadow Page Tables. Plus précisément, nous présentons un modèle concret et un modèle abstrait de l'hyperviseur, et nous prouvons formellement que les systèmes d'exploitation invités ne peuvent pas altérer ou accéder aux données privées des autres s'ils n'en ont pas la permission. Nous utilisons le langage et l'assistant de preuve développés par Prove & Run pour ce faire. Le modèle concret comporte beaucoup d'optimisations, qui rendent les structures de données et les algorithmes complexes, il est donc difficile de raisonner dessus. C'est pourquoi nous construisons un modèle abstrait dans lequel il est plus facile de raisonner. Nous prouvons les propriétés sur le modèle abstrait, et nous prouvons formellement sa correspondance avec le modèle concret, de telle manière que les preuves sur le modèle abstrait s'appliquent au modèle concret. La preuve correspondance n'est valable que pour des états concrets qui respectent certaines propriétés, nous prouvons que ces propriétés sont des invariants du système concret. La preuve s'articule donc en trois phases : la preuve d'invariants au niveau concret, la preuve de correspondance entre les modèles abstraits et concret, et la preuve des propriétés de sécurité au niveau abstrait<br>A hypervisor is a software which virtualizes hardware resources, allowing several guest operating systems to run simultaneously on the same machine. Since the hypervisor manages the access to resources, a bug can be critical for the guest Oses. In this thesis, we focus on memory isolation properties of a type 1 hypervisor, which virtualizes memory using Shadow Page Tables. More precisely, we present a low-level and a high-level model of the hypervisor, and we formally prove that guest OSes cannot access or tamper with private data of other guests, unless they have the authorization to do so. We use the language and the proof assistant developed by Prove & Run. There are many optimizations in the low-level model, which makes the data structures and algorithms complexes. It is therefore difficult to reason on such a model. To circumvent this issue, we design an abstract model in which it is easier to reason. We prove properties on the abstract model, and we prove its correspondence with the low-level model, in such a way that properties proved on the abstract model also hold for the low-level model. The correspondence proof is valid only for low-level states which respect some properties. We prove that these properties are invariants of the low-level system. The proof can be divided into three parts : the proof of invariants preservation on the low-level, the proof of correspondence between abstract and low-level models, and proof of the security properties on the abstract level
31
Larmuseau, Adriaan. "Protecting Functional Programs From Low-Level Attackers." Doctoral thesis, Uppsala universitet, Avdelningen för datalogi, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-281318.
Full textAbstract:
Software systems are growing ever larger. Early software systems were singular units developed by small teams of programmers writing in the same programming language. Modern software systems, on the other hand, consist of numerous interoperating components written by different teams and in different programming languages. While this more modular and diversified approach to software development has enabled us to build ever larger and more complex software systems, it has, however, made it harder to ensure the reliability and security of software systems. In this thesis we study and remedy the security flaws that arise when attempting to resolve the difference in abstractions between components written in high-level functional programming languages and components written in imperative low-level programming languages. High-level functional programming languages, treat computation as the evaluation of mathematical functions. Low-level imperative programming languages, on the contrary, provide programmers with features that enable them to directly interact with the underlying hardware. While these features help programmers write more efficient software, they also make it easy to write malware through techniques such as buffer overflows and return oriented programming. Concretely, we develop new run-time approaches for protecting components written in functional programming languages from malicious components written in low-level programming languages by making using of an emerging memory isolation mechanism.This memory isolation mechanism is called the Protected Module Architecture (PMA). Informally, PMA isolates the code and data that reside within a certain area of memory by restricting access to that area based on the location of the program counter. We develop these run-time protection techniques that make use of PMA for three important areas where components written in functional programming languages are threatened by malicious low-level components: foreign function interfaces, abstract machines and compilation. In everyone of these three areas, we formally prove that our run-time protection techniques are indeed secure. In addtion to that we also provide implementations of our ideas through a fully functional compiler and a well-performing abstract machine.
32
Svetlana, Jakšić. "Types for Access and Memory Control." Phd thesis, Univerzitet u Novom Sadu, Fakultet tehničkih nauka u Novom Sadu, 2016. https://www.cris.uns.ac.rs/record.jsf?recordId=101762&source=NDLTD&language=en.
Full textAbstract:
Three issues will be elaborated and disussed in the proposed thesis. The first isadministration and control of data access rights in networks with XML data, withemphasis on data security. The second is the administration and control ofaccess rights to data in computer networks with RDF data, with emphasis ondata privacy. The third is prevention of errors and memory leaks, as well ascommunication errors, generated by programs written in Sing # language in thepresence of exceptions. For all three issues, there will be presented formalmodels with corresponding type systems and showed the absence of undesiredbehavior i.e. errors in networks or programs.<br>У тези су разматрана три проблема. Први је администрација и контролаправа приступа података у рачунарској мрежи са XML подацима, санагласком на безбедости посматраних података. Други је администрација икотрола права приступа подацима у рачунарској мрежи са RDF подацима,са нагласком на приватности посматраних података. Трећи је превенцијагрешака и цурења меморије, као и грешака у комуникацији генерисанимпрограмима написаних на језику Sing# у којима су присутни изузеци. За сватри проблема биће предложени формални модели и одговарајући типскисистеми помоћу којих се показује одсуство неповољних понашања тј.грешака у мрежама односно програмима.<br>U tezi su razmatrana tri problema. Prvi je administracija i kontrolaprava pristupa podataka u računarskoj mreži sa XML podacima, sanaglaskom na bezbedosti posmatranih podataka. Drugi je administracija ikotrola prava pristupa podacima u računarskoj mreži sa RDF podacima,sa naglaskom na privatnosti posmatranih podataka. Treći je prevencijagrešaka i curenja memorije, kao i grešaka u komunikaciji generisanimprogramima napisanih na jeziku Sing# u kojima su prisutni izuzeci. Za svatri problema biće predloženi formalni modeli i odgovarajući tipskisistemi pomoću kojih se pokazuje odsustvo nepovoljnih ponašanja tj.grešaka u mrežama odnosno programima.
33
Tardif, Florent. "Practical considerations on cryptanalytic time-memory trade-offs." Thesis, Rennes 1, 2019. http://www.theses.fr/2019REN1S118.
Full textAbstract:
Un compromis temps-mémoire cryptanalytique est une technique qui vise à réduire le temps nécessaire pour effectuer certaines attaques cryptographiques telles que l'inversion d'une fonction à sens unique. Une telle inversion intervient dans une des principales applications des compromis temps-mémoire : le cassage de mots de passe. La technique requiert un très lourd pré-calcul qui génère des tables utilisables pour accélérer la recherche exhaustive de l'attaque. L'attaque par compromis temps-mémoire est d'autant plus rapide qu'il y a de mémoire allouée à l'algorithme. Cependant, en pratique, la mémoire est souvent un facteur limitant. Nous évaluons l'impact d'un problème nécessitant une grande mémoire sur la technique des compromis temps-mémoire, notamment en se plaçant dans le contexte où une mémoire externe lente est utilisée à la place d'une mémoire rapide limitée (RAM). Nous établissons qu'une telle approche est applicable dans des cas pratiques, qui sont identifiés. Nous proposons ensuite une nouvelle construction de compromis temps-mémoire qui repose sur des fonctions de hachage minimales parfaites, et dont le stockage est moindre que sur les techniques de compression de tables existantes. Finalement, nous proposons une comparaison entre les améliorations existantes, possiblement combinées, et notre nouvelle technique<br>A cryptanalytic time-memory trade-off (TMTO) is a technique that aims to reduce the time needed to perform a set of cryptanalysis attacks, such as inverting a one-way function. Such an inversion constitutes one of the main applications of TMTOs, which is password cracking. The technique relies on a large-scale pre-computation which outputs tables that allow to significantly speed up the attack's exhaustive search. The more memory is used by a TMTO, the faster the attack can be. In practice, the amount of memory available is often the limiting factor, so numerous approaches have been proposed to fit large tables in a restricted amount of memory. In this thesis, we focus on the rainbow tables variant, the most widely spread version of time-memory trade-offs. When the considered cryptographic problem is overwhelmingly sized, using an external memory is eventually needed. We analyse the relevance of using an external memory instead of RAM, and we state that it is fully suited for practical cases, which are identified. We then introduce a new technique, based on minimal perfect hash functions, whose storage complexity is better than any previous optimisation. Finally, we analyse and compare existing TMTO approaches as well as their combinations, along with our newly introduced MPHF rainbow technique. We are then able to provide a set of practical recommendations on how to configure the implementation of a TMTO in an optimal way
34
Oliveri, Andrea. "A Zero-Knowledge Approach to Memory Forensics." Electronic Thesis or Diss., Sorbonne université, 2023. http://www.theses.fr/2023SORUS312.
Full textAbstract:
L'essor rapide des appareils embarqués et des objets IoT entraîne une multiplication des systèmes d'exploitation et des architectures de processeurs, qui ne sont généralement pas pris en charge par les outils forensiques actuels et nécessitent un effort considérable pour être adaptés. Pour surmonter ce problème, nous introduisons, le concept d’analyse forensique de la mémoire à connaissance nulle : réaliser une analyse forensique de la mémoire sans aucune connaissance du système d’exploitation sous-jacent. En supposant que nous ayons effectué un dump mémoire du système d’exploitation inconnu, en utilisant uniquement les informations dérivées de la configuration matérielle de la machine, nous affirmons qu’il est possible de reconstruire l’espace d’adressage du noyau de manière indépendante du système d’exploitation. À partir de ceux-ci, il est possible de reconstruire les structures de données du noyau en mémoire en utilisant uniquement leur topologie<br>The rapid increase of embedded devices and IoT objects is leading to a multiplication of operating systems and processor architectures, which are generally not supported by current forensic tools and require considerable effort to adapt. To overcome this problem, we introduce the concept of zero-knowledge memory forensics: performing a memory forensic analysis without any knowledge of the underlying operating system. Assuming that we have performed a memory dump of the unknown operating system, using only information derived from the machine's hardware configuration, we claim that it is possible to reconstruct the kernel address space independently of the operating system. From these, it is possible to reconstruct kernel data structures in memory using only their topology
35
Rammal, Darine. "Memory safety for synchronous reactive programming." Electronic Thesis or Diss., Orléans, 2024. http://www.theses.fr/2024ORLE1002.
Full textAbstract:
Les langages réactifs synchrones constituent un excellent choix pour la programmation de l'IoT en raison de leur sémantique claire pour l'interaction entre le système et l'environnement. Cependant, en ce qui concerne les systèmes critiques en termes de sécurité ou contraints en ressources, des propositions récentes telles que Fairthreads ou ReactiveML font face à un problème bien connu. La gestion manuelle de la mémoire de Fairthreads peut entraîner des erreurs, tandis que la collecte des déchets de ReactiveML assure la sécurité de la mémoire mais introduit une surcharge d'exécution. Cette thèse vise à résoudre le problème de la sécurité de la mémoire en développant un langage de programmation réactif spécifiquement conçu pour les systèmes en temps réel, intégrant des threads coopératifs et une exécution synchrone. En nous appuyant sur le solide système de types du langage de programmation Rust, nous proposons un système de types similaire à Rust pour un langage de programmation réactif de noyau appelé MSSL. MSSL offre un modèle de threads coopératifs et facilite le partage de données mutables entre les threads tout en préservant la sécurité des types et des emprunts. Pour y parvenir, nous introduisons une nouvelle abstraction appelée Trc (Thread Reference Counting), qui combine la sécurité de propriété des références de Rust avec le mécanisme de comptage de références des pointeurs intelligents de Rust. Nous présentons ensuite la sémantique et le système de types de MSSL pour démontrer ses capacités à maintenir la sécurité des types, la sécurité des emprunts et la sécurité de la concurrence. De plus, nous étendons MSSL en introduisant des extensions réactives, en intégrant le concept de signaux qui offrent des moyens de communication puissants, flexibles et fiables. Enfin, nous fournissons une implémentation en Java de l'ensemble complet de MSSL, en basant sur la sémantique et les règles de typage de son système de types<br>Synchronous Reactive Languages are an excellent choice for IoT programming due to their clear system-environment interaction semantics. However, when it comes to safety- critial or resource-constrained systems, recent proposals like Fairthreads or ReactiveML face a well-known issue. Fairthreads' manual memory management can lead to errors, while ReactiveML's garbage collection ensures memory safety but introduces execution overhead. This thesis aims to address the memory safety issue by developing a reactive programming language specifically designed for real-time systems, incorporating cooperative threads and synchronous execution. Drawing from the robust type system of the Rust programming language, we propose a Rust-like type system for a kernel reactive programming language named MSSL. MSSL features a cooperative threading model and facilitates mutable data sharing between threads while preserving type and borrowing safety. To achieve this, we introduce a novel abstraction called Trc (Thread Reference Counting), which combines the ownership safety of Rust references with the reference counting mechanism of Rust smart pointers. Then, we present the semantics and type system of MSSL to demonstrate its capabilities in maintaining type safety, borrowing safety, and concurrency safety. Furthermore, we extend MSSL by introducing reactive extensions, incorporating the concept of signals that offer powerful, flexible, and reliable means of communication. Finally, we provide a Java implementation of the complete MSSL set, based on the semantic and typing rules of its type system
36
Sansurooah, Krishnun. "A forensics framework and method in the acquisition and extraction of data from NAND Flash memory storage chip." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2015. https://ro.ecu.edu.au/theses/1725.
Full textAbstract:
The aim of this thesis is to investigate a method for acquiring and extracting data from NAND flash memory storage devices and to validate that methodology. Furthermore, a validated and reproducible framework for the acquisition and extraction of data from the NAND flash memory storage chip is developed as a guideline for forensic investigators who are required to preserve and recover data stored on NAND flash memory storage devices in a forensically acceptable manner.
The digital forensic community is currently facing a situation determined by the rapidly increasing popularity of NAND flash memory technology. NAND flash technology is significantly different from other storage memory technologies. Like any technology that is new and evolving, manufacturers are still experimenting with the design and implementation of their versions. Compared to magnetic drives, there is no standardized approach to producing the NAND flash memory storage devices.
The first part of this thesis presented the results of a literature review of NAND flash memory storage devices, digital forensics practices and principles, an understanding of the Flash Translation Layer (FTL) and the characteristics of the NAND flash memory chip, together with, logical versus physical acquisition and forensic guidelines. The literature review examined how the NAND flash memory storage chip differs architecturally from a traditional magnetic hard disk drive (HDD) and also highlighted that, given the increased use of NAND flash technology related devices as part of digital devices, NAND flash memory storage devices are an integral part of the creation of digital artefacts that may later need to be considered as evidence in criminal or civil proceedings.
Existing forensic guidelines and procedures were developed based mainly on HDD technology and although NAND flash memory storage devices are widely accepted by consumers, they are poorly integrated into the forensic guidelines which have been explicitly discussed by forensic and data recovery experts.
This thesis then identifies the gaps between well reputed forensic guidelines and further outlines through a series of experiments and analysis carried out with various parameters and concludes that those well repute forensic practices and principles are inadequate to handle the NAND flash memory technology in a forensic manner.
Through a series of experiments and iterations, the analysis showed that a complex forensic framework for the acquisition and extraction of NAND flash memory storage chip was created, verified and validated. This reinforces the need to recognise the issues raised by NAND flash memory storage devices to maximise the chance of data recovery. Specific processes were identified and the data recovery rate was measured for testing.
In conclusion, this thesis develops a validated forensic framework and method in the acquisition and extraction of NAND flash memory storage chip that existing forensic techniques and guidelines are incapable of addressing thereby generating new knowledge and perspectives on ways to acquire and extract raw data from NAND flash memory storage device in general. This innovative model provides a new perspective on the acquisition and extraction of raw data from NAND flash memory storage devices which may be potentially useful in a court of law or similar.
37
Arslan, Aydin Ulku. "The Effects Of Coherence Of The Image Used In The Graphical Password Scheme In Terms Of Usability And Security." Master's thesis, METU, 2012. http://etd.lib.metu.edu.tr/upload/12614612/index.pdf.
Full textAbstract:
There is a dilemma between security and usability, which are two fundamentally conflicting issues. From the usability perspective, authentication protocols should be easy to use and passwords generated from these protocols should be easy to remember. From the security perspective, passwords should be hard to guess and should not be written down or stored in a plain text. Instead of using text based passwords, graphical passwords have been proposed to increase both memorability and security. Biederman (1972) and Biederman, Glass, &<br>Stacy (1973) reported that the objects in a coherent image were recognized and identified more efficiently and quickly than the objects in a jumbled image in which the jumbled image was created by dividing the coherent image into sections and changing the position of the sections without rotating them.
The study was designed to experimentally examine the differences in usability and security of the graphical password scheme by manipulating the coherence of the displayed image. Sixty-three volunteers participated in the main experiment. The participants were divided into groups according to the type of image they were presented in the password creation (either coherent-image or jumbled-image) task. Each participant created a graphical password and three days after the first session (i.e., second session) s/he tried to remember it in order to authenticate to the system. The results revealed that in the proposed graphical password scheme, using coherent image has more advantages over jumbled image in terms of usability and security.
38
Ruhault, Sylvain. "Security analysis for pseudo-random number generators." Thesis, Paris, Ecole normale supérieure, 2015. http://www.theses.fr/2015ENSU0014/document.
Full textAbstract:
La génération d’aléa joue un rôle fondamental en cryptographie et en sécurité. Des nombres aléatoires sont nécessaires pour la production de clés cryptographiques ou de vecteurs d’initialisation et permettent également d’assurer que des protocoles d’échange de clé atteignent un niveau de sécurité satisfaisant. Dans la pratique, les bits aléatoires sont générés par un processus de génération de nombre dit pseudo-aléatoire, et dans ce cas, la sécurité finale du système dépend de manière cruciale de la qualité des bits produits par le générateur. Malgré cela, les générateurs utilisés en pratique ne disposent pas ou peu d’analyse de sécurité permettant aux utilisateurs de connaître exactement leur niveau de fiabilité. Nous fournissons dans cette thèse des modèles de sécurité pour cette analyse et nous proposons des constructions prouvées sûres et efficaces qui répondront à des besoins de sécurité forts. Nous proposons notamment une nouvelle notion de robustesse et nous étendons cette propriété afin d’adresser les attaques sur la mémoire et les attaques par canaux cachés. Sur le plan pratique, nous effectuons une analyse de sécurité des générateurs utilisés dans la pratique, fournis de manière native dans les systèmes d’exploitation (/dev/random sur Linux) et dans les librairies cryptographiques (OpenSSL ou Java SecureRandom) et nous montrons que ces générateurs contiennent des vulnérabilités potentielles<br>In cryptography, randomness plays an important role in multiple applications. It is required in fundamental tasks such as key generation and initialization vectors generation or in key exchange. The security of these cryptographic algorithms and protocols relies on a source of unbiased and uniform distributed random bits. Cryptography practitioners usually assume that parties have access to perfect randomness. However, quite often this assumption is not realizable in practice and random bits are generated by a Pseudo-Random Number Generator. When this is done, the security of the scheme depends of course in a crucial way on the quality of the (pseudo-)randomness generated. However, only few generators used in practice have been analyzed and therefore practitioners and end users cannot easily assess their real security level. We provide in this thesis security models for the assessment of pseudo-random number generators and we propose secure constructions. In particular, we propose a new definition of robustness and we extend it to capture memory attacks and side-channel attacks. On a practical side, we provide a security assessment of generators used in practice, embedded in system kernel (Linux /dev/random) and cryptographic libraries (OpenSSL and Java SecureRandom), and we prove that these generators contain potential vulnerabilities
39
Sharma, Niti. "Impact of Increased Cache Misses on Runtime Performance of MPX-enabled Programs." Thesis, Virginia Tech, 2019. http://hdl.handle.net/10919/89914.
Full textAbstract:
Low level languages like C and C++ provide high performance and direct control over
memory management. But these languages are prone to memory safety violations. Intel
introduced a new ISA extension-Memory Protection Extension(MPX), a hardware-assisted
full-stack solution, to protect against the memory safety violations. While MPX efficiently
prevents memory errors like buffer overflows and out of bound memory accesses, it comes at
the cost of high performance overheads. Also, the cache locality worsens in MPX protected
applications.
In our research, we analyze if there is a correlation between increase in cache misses and
runtime degradation in programs compiled with MPX support. We analyze 15 SPEC CPU
benchmark programs for different input sizes on Windows platform, compiled with Intel's
ICC compiler. We find that for input sizes train(medium) and ref(large), the average performance overheads are 140% and 144% respectively. We find that 5 out of 15 benchmarks
do not have any runtime overheads and also, do not have any change in cache misses at any
level. However for rest of the 10 benchmarks, we find a strong correlation between runtime
overheads and cache misses overheads, with the correlation coefficients ranging from 0.8 to
0.36 for different input sizes. Based on our findings, we conclude that there is a direct
correlation between runtime overheads and increase in cache misses. We also find that instructions overheads and runtime overheads have a positive correlation, with the coefficient
values ranging from 0.7 to 0.33 for different input sizes<br>Master of Science<br>Low level programming languages like C and C++ are primary choices to write low-level systems software such as operating systems, virtual machines, embedded software, and performance-critical applications. But these languages are considered as unsafe and prone to memory safety errors. Intel introduced a new technique- Memory Protection Extensions(MPX) to protect against these memory errors. But prior research found that applications supported with MPX have increased runtimes(slowdowns). In our research, we analyze these slowdowns for different input sizes(medium and large) in 15 benchmark applications. Based on the input sizes, the average slowdowns range from 140% to 144%. We then examine if there is a correlation between increase in cache misses under MPX and the slowdowns. A hardware cache is a component that stores data so that future requests for that data can be served faster. Hence, cache miss is a state where the data requested for processing by a component or application is not found in the cache. Whenever a cache miss happen, the processor waits for the data to be fetched from the next cache level or from main memory before it can continue to execute. This wait influences the runtime performance of the application. Our evaluations find that 10 out of 15 applications which have increased runtimes, also have increase in cache misses. This shows a positive correlation between these two parameters. Along with that, we also found that increase in instruction size in MPX protected applications also has a direct correlation with the runtime degradation. We also quantify these relationships with a statistical measure called correlation coefficient.
40
Pan, Xiang. "Designing Future Low-Power and Secure Processors with Non-Volatile Memory." The Ohio State University, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=osu1492631536670669.
Full text
41
Bozzio, Mathieu. "Security and implementation of advanced quantum cryptography : quantum money and quantum weak coin flipping." Electronic Thesis or Diss., Université Paris-Saclay (ComUE), 2019. http://www.theses.fr/2019SACLT045.
Full textAbstract:
Les lois de la mécanique quantique présentent un fort potentiel d’amélioration pour la sécurité des réseaux de communication, du cryptage à clé publique au vote électronique, en passant par la banque en ligne. Cette thèse porte sur la sécurité pratique et l’implémentation de deux tâches cryptographiques quantiques : la monnaie quantique et le tirage à pile-ou-face faible. La monnaie quantique exploite le théorème de non-clonage quantique pour générer des jetons, billets ou cartes de crédit strictement infalsifiables. Nous réalisons la première démonstration expérimentale de cette fonctionnalité sur une plateforme photonique aux longueurs d’onde télécom. Nous développons ensuite une analyse de sécurité pratique pour les cartes de crédit quantique. La banque peut ainsi vérifier l’authenticité de la carte à distance, même en présence d’un terminal de paiement malhonnête. Enfin, nous proposons une expérience permettant le stockage sécurisé d’une carte de crédit quantique en utilisant la transparence électromagnétiquement induite au sein d’un nuage d’atomes refroidis. Le tirage à pile-ou-face faible est une primitive cryptographique fondamentale: elle permet en effet la construction de tâches plus complexes telles que la mise en gage de bit et le calcul multipartite sécurisé. Lors d’un tirage à pile ou face, deux entités distantes et méfiantes jettent une pièce. Grâce à l’intrication quantique, il est possible de limiter la probabilité que l’entité malhonnête biaise la pièce. Dans ce projet, nous proposons la première implémentation du pile-ou-face faible. Celle-ci requiert un photon unique et une plateforme d’optique linéaire. Nous présentons l’analyse de sécurité en présence d’erreurs et de pertes, et démontrons que le protocole est réalisable à l’échelle d’une ville. Enfin, nous proposons de réduire davantage la probabilité du biais du protocole<br>Harnessing the laws of quantum theory can drastically boost the security of modern communication networks, from public key encryption to electronic voting and online banking. In this thesis, we bridge the gap between theory and experiment regarding two quantum-cryptographic tasks: quantum money and quantum weak coin flipping. Quantum money exploits the no-cloning property of quantum physics to generate unforgeable tokens, banknotes, and credit cards. We provide the first proof-of-principle implementation of this task, using photonic systems at telecom wavelengths. We then develop a practical security proof for quantum credit card schemes, in which the bank can remotely verify a card even in the presence of a malicious payment terminal. We finally propose a setup for secure quantum storage of the credit card, using electromagnetically-induced transparency in a cloud of cold cesium atoms. Quantum weak coin flipping is a fundamental cryptographic primitive, which helps construct more complex tasks such as bit commitment and multiparty computation. It allows two distant parties to flip a coin when they both desire opposite outcomes. Using quantum entanglement then prevents any party from biasing the outcome of the flip beyond a certain probability. We propose the first implementation for quantum weak coin flipping, which requires a single photon and linear optics only. We provide the complete security analysis in the presence of noise and losses, and show that the protocol is implementable on the scale of a small city with current technology. We finally propose a linear-optical extension of the protocol to lower the coin bias
42
Nimgaonkar, Satyajeet. "Secure and Energy Efficient Execution Frameworks Using Virtualization and Light-weight Cryptographic Components." Thesis, University of North Texas, 2014. https://digital.library.unt.edu/ark:/67531/metadc699986/.
Full textAbstract:
Security is a primary concern in this era of pervasive computing. Hardware based security mechanisms facilitate the construction of trustworthy secure systems; however, existing hardware security approaches require modifications to the micro-architecture of the processor and such changes are extremely time consuming and expensive to test and implement. Additionally, they incorporate cryptographic security mechanisms that are computationally intensive and account for excessive energy consumption, which significantly degrades the performance of the system. In this dissertation, I explore the domain of hardware based security approaches with an objective to overcome the issues that impede their usability. I have proposed viable solutions to successfully test and implement hardware security mechanisms in real world computing systems. Moreover, with an emphasis on cryptographic memory integrity verification technique and embedded systems as the target application, I have presented energy efficient architectures that considerably reduce the energy consumption of the security mechanisms, thereby improving the performance of the system. The detailed simulation results show that the average energy savings are in the range of 36% to 99% during the memory integrity verification phase, whereas the total power savings of the entire embedded processor are approximately 57%.
43
Bennett, Joshua. "The memory of the Holocaust as a point of state ontological (in)security : A comparative discursive analysis of the United Kingdom and Poland." Thesis, Uppsala universitet, Hugo Valentin-centrum, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-413283.
Full textAbstract:
This thesis utilises the context of European Holocaust memory to test differences within the existing literature of the theory of ‘ontological security’. The differences centre on questions of identity preservation in the face of threats to a states ‘sense of self’. The paper builds a connection between theories within the field of collective memory and ontological security (a sub-field known as ‘mnemonic security’) and applies these to two case studies within the European context: the UK and Poland. These cases were chosen based on disparity of experience of the Holocaust within the European context in order to determine if these disparities may explain any potential variation in mnemonic security strategies. This is achieved with use of discourse analysis of state leader and representatives speeches (and other relevant discourse) given at Holocaust remembrance events in order to classify strategies in reference to the theoretical differences within the ontological security framework. It finds that differences in forms of memory exist, but their theoretical explanations within the framework are similar despite their disparities of experience. The thesis attempts to fill a gap of empirical evidence in regards to these arguments and in regards to discourse analysis of leader’s speeches and statements at said Holocaust remembrance events.
44
Bhatt, Manish. "Leveraging Relocations in ELF-binaries for Linux Kernel Version Identification." ScholarWorks@UNO, 2018. https://scholarworks.uno.edu/td/2528.
Full textAbstract:
In this paper, we present a working research prototype codeid-elf for ELF binaries based on its Windows counterpart codeid, which can identify kernels through relocation entries extracted from the binaries. We show that relocation-based signatures are unique and distinct and thus, can be used to accurately determine Linux kernel versions and derandomize the base address of the kernel in memory (when kernel Address Space Layout Randomization is enabled). We evaluate the effectiveness of codeid-elf on a subset of Linux kernels and find that the relocations in kernel code have nearly 100\% code coverage and low similarity (uniqueness) across various kernels. Finally, we show that codeid-elf, which leverages relocations in kernel code, can detect all kernel versions in the test set with almost 100% page hit rate and nearly zero false negatives.
45
Thames, John Lane. "Advancing cyber security with a semantic path merger packet classification algorithm." Diss., Georgia Institute of Technology, 2012. http://hdl.handle.net/1853/45872.
Full textAbstract:
This dissertation investigates and introduces novel algorithms, theories, and supporting frameworks to significantly improve the growing problem of Internet security. A distributed firewall and active response architecture is introduced that enables any device within a cyber environment to participate in the active discovery and response of cyber attacks. A theory of semantic association systems is developed for the general problem of knowledge discovery in data. The theory of semantic association systems forms the basis of a novel semantic path merger packet classification algorithm. The theoretical aspects of the semantic path merger packet classification algorithm are investigated, and the algorithm's hardware-based implementation is evaluated along with comparative analysis versus content addressable memory. Experimental results show that the hardware implementation of the semantic path merger algorithm significantly outperforms content addressable memory in terms of energy consumption and operational timing.
46
Thakur, Neha S. "Forensic Analysis of WhatsApp on Android Smartphones." ScholarWorks@UNO, 2013. http://scholarworks.uno.edu/td/1706.
Full textAbstract:
Android forensics has evolved over time offering significant opportunities and exciting challenges. On one hand, being an open source platform Android is giving developers the freedom to contribute to the rapid growth of the Android market whereas on the other hand Android users may not be aware of the security and privacy implications of installing these applications on their phones. Users may assume that a password-locked device protects their personal information, but applications may retain private information on devices, in ways that users might not anticipate. In this thesis we will be concentrating on one such application called 'WhatsApp', a popular social networking application. We will be forming an outline on how forensic investigators can extract useful information from WhatsApp and from similar applications installed on an Android platform. Our area of focus is extraction and analysis of application user data from non-volatile external storage and the volatile memory (RAM) of an Android device.
47
Ouattara, Frédéric. "Primitives de sécurité à base de mémoires magnétiques." Thesis, Montpellier, 2020. http://www.theses.fr/2020MONTS072.
Full textAbstract:
Les mémoires magnétiques (MRAM) font partie des technologies de mémoires non volatiles émergentes ayant connu un développement rapide cette dernière décennie. Un des avantages de cette technologie réside dans les domaines d’applications variées dans lesquelles elle peut intervenir. En plus de sa fonction principale de stockage d’information, la MRAM est utilisée de nos jours dans des applications de type capteurs, récepteur RF et sécurité matérielle. Dans cette thèse, nous nous sommes intéressés à l’utilisation des MRAM dans la conception des primitives de sécurité matérielle élémentaires. Dans un premier temps, une exploration dans la conception de TRNG (True Random Number Generator) basée sur des mémoires de type STT-MRAM (Spin Transfert Torque MRAM) a été menée dans le but de réaliser un démonstrateur et de prouver son efficacité pour les applications sécurisées. Les méthodes d’extraction d’aléa dans les mémoires STT et TAS (Thermally Assisted Switching) sont présentées. Nous avons ainsi évalué ces mémoires magnétiques dans le cadre des TRNG mais également pour la génération de PUF (Physically Unclonable Functions) sur des dispositifs physiques<br>Magnetic memories (MRAM) are one of the emerging non-volatile memory technologies that have experienced rapid development over the past decade. One of the advantages of this technology lies in the varied fields of application in which it can be used. In addition to its primary function of storing information, MRAM is nowadays used in applications such as sensors, RF receivers and hardware security. In this thesis, we are interested in the use of MRAMs in the design of elementary hardware security primitives. Initially, an exploration in the design of TRNG (True Random Number Generator) based on STT-MRAM (Spin Transfert Torque MRAM) type memories was carried out with the aim of producing a demonstrator and proving its effectiveness for secure applications. Random extraction methods in STT and TAS (Thermally Assisted Switching) memories are presented. We have thus evaluated these magnetic memories within the framework of TRNGs but also for the generation of PUFs (Physically Unclonable Functions) on physical devices
48
Almeida, Leonardo de Campos. "Lyra: uma função de derivação de chaves com custos de memória e processamento configuráveis." Universidade de São Paulo, 2016. http://www.teses.usp.br/teses/disponiveis/3/3141/tde-29062016-085500/.
Full textAbstract:
Este documento apresenta o Lyra, um novo esquema de derivação de chaves, baseado em esponjas criptográficas. O Lyra foi projetado para ser estritamente sequencial, fornecendo um nível elevado de segurança mesmo contra atacantes que utilizem múltiplos núcleos de processamento, como uma GPU ou FPGA. Ao mesmo tempo possui uma implementação simples em software e permite ao usuário legítimo ajustar o uso de memória e tempo de processamento de acordo com o nível de segurança desejado. O Lyra é, então, comparado ao scrypt, mostrando que esta proposta fornece um nível se segurança mais alto, além de superar suas deficiências. Caso o atacante deseje realizar um ataque utilizando pouca memória, o tempo de processamento do Lyra cresce exponencialmente, enquanto no scrypt este crescimento é apenas quadrático. Além disto, para o mesmo tempo de processamento, o Lyra permite uma utilização maior de memória, quando comparado ao scrypt, aumentando o custo de ataques de força bruta.<br>This document presents Lyra, a password-based key derivation scheme based on cryptographic sponges. Lyra was designed to be strictly sequential, providing strong security even against attackers that use multiple processing cores, such as FPGAs or GPUs. At the same time, it is very simple to implement in software and allows legitimate users to tune its memory and processing costs according to the desired level of security. We compare Lyra with scrypt, showing how this proposal provides a higher security level and overcomes limitations of scrypt. If the attacker wishes to perform a low-memory attack against the algorithm, the processing cost grwos expontetialy, while in scrypt, this growth is only quadratic. In addition, for an identical processing time, Lyra allows for a higher memory usage than its counterparts, further increasing the cost of brute force attacks.
49
Buret, Pierrick. "Sécurité temps réel dans les systèmes embarqués critiques." Thesis, Limoges, 2015. http://www.theses.fr/2015LIMO0140/document.
Full textAbstract:
La croissance des flux d'information à travers le monde est responsable d'une importante utilisation de systèmes embarqués temps-réel, et ce notoirement dans le domaine des satellites. La présence de ces systèmes est devenue indispensable pour la géolocalisation, la météorologie, ou les communications. La forte augmentation du volume de ces matériels, impactée par l'afflux de demande, est à l'origine de l'accroissement de la complexité de ces derniers. Grâce à l'évolution du matériel terrestre, le domaine aérospatial se tourne vers de nouvelles technologies telles que les caches, les multi-coeurs, et les hyperviseurs. L'intégration de ces nouvelles technologies est en adéquation avec de nouveaux défis techniques. La nécessité d'améliorer les performances de ces systèmes induit le besoin de réduction du coût de fabrication et la diminution du temps de production. Les solutions technologiques qui en découlent apportent pour majeure partie des avantages en matière de diminution du nombre global de satellites à besoin constant. La densité d'information traitée est parallèlement accrue par l'augmentation du nombre d'exploitants pour chaque satellite. En effet, plusieurs clients peuvent se voir octroyer tout ou partie d'un même satellite. Intégrer les produits de plusieurs clients sur une même plateforme embarquée la rend vulnérable. Augmenter la complexité du système rend dès lors possible un certain nombre d'actes malveillants. Cette problématique autrefois à l'état d'hypothèse devient aujourd'hui un sujet majeur dans le domaine de l'aérospatial. Figure dans ce document, en premier travail d'exploration, une présentation des actes malveillants sur système embarqué, et en particulier ceux réalisés sur système satellitaire. Une fois le risque exposé, je développe la problématique temps-réel. Je m'intéresse dans cette thèse plus précisément à la sécurité des hyperviseurs spatiaux. Je développe en particulier deux axes de recherche. Le premier porte sur l'évolution des techniques de production et la mise en place d'un système de contrôle des caractéristiques temporelles d'un satellite. Le deuxième axe améliore les connaissances techniques sur un satellite en cours de fonctionnement et permet une prise de décision en cas d'acte malveillant. Je propose plus particulièrement une solution physique permettant de déceler une anomalie sur la gestion des mémoires internes au satellite. En effet, la mémoire est un composant essentiel du fonctionnement du système, et ses propriétés communes entre tous les clients la rend particulièrement vulnérable. De plus, connaître le nombre d'accès en mémoire permet un meilleur ordonnancement et une meilleure prédiction d'un système temps réel. Notre composant permet la détection et l'interprétation d'une potentielle attaque ou d'un problème de sûreté de fonctionnement. Cette thèse met en évidence la complémentarité des deux travaux proposés. En effet, la mesure du nombre d'accès en mémoire peut se mesurer via un algorithme génétique dont la forme est équivalente au programme cherchant le pire temps d'exécution. Il est finalement possible d'étendre nos travaux de la première partie vers la seconde<br>Satellites are real-time embedded systems and will be used more and more in the world. Become essential for the geo-location, meteorology or communications across the planet, these systems are increasingly in demand. Due to the influx of requests, the designers of these products are designing a more and more complex hardware and software part. Thanks to the evolution of terrestrial equipment, the aero-space field is turning to new technologies such as caches, multi-core, and hypervisor. The integration of these new technologies bring new technical challenges. In effect, it is necessary to improve the performance of these systems by reducing the cost of manufacturing and the production time. One of the major advantages of these technologies is the possibility of reducing the overall number of satellites in space while increasing the number of operators. Multiple clients softwares may be together today in a same satellite. The ability to integrate multiple customers on the same satellite, with the increasing complexity of the system, makes a number of malicious acts possible. These acts were once considered as hypothetical. Become a priority today, the study of the vulnerability of such systems become major. In this paper, we present first work a quick exploration of the field of malicious acts on onboard system and more specifically those carried out on satellite system. Once the risk presentation we will develop some particular points, such as the problematic real-time. In this thesis we are particularly interested in the security of space hypervisors. We will develop precisely 2 lines of research. The first axis is focused on the development of production technics and implementing a control system of a satellite temporal characteristics. The objective is to adapt an existing system to the constraints of the new highly complex systems. We confront the difficulty of measuring the temporal characteristics running on a satellite system. For this we use an optimization method called dynamic analysis and genetic algorithm. Based on trends, it can automatically search for the worst execution time of a given function. The second axis improves the technical knowledge on a satellite in operation and enables decision making in case of malicious act. We propose specifically a physical solution to detect anomalies in the management of internal memory to the satellite. Indeed, memory is an essential component of system operation, and these common properties between all clients makes them particularly vulnerable to malicious acts. Also, know the number of memory access enables better scheduling and better predictability of a real time system. Our component allows the detection and interpretation of a potential attack or dependability problem. The work put in evidence the complementarity of the two proposed work. Indeed, the measure of the number of memory access that can be measured via a genetic algorithm whose shape is similar to the program seeking the worst execution time. So we can expand our work of the first part with the second
50
Ouaarab, Salaheddine. "Protection du contenu des mémoires externes dans les systèmes embarqués, aspect matériel." Thesis, Paris, ENST, 2016. http://www.theses.fr/2016ENST0046/document.
Full textAbstract:
Ces dernières années, les systèmes informatiques (Cloud Computing, systèmes embarqués, etc.) sont devenus omniprésents. La plupart de ces systèmes utilisent des espaces de stockage (flash,RAM, etc.) non fiables ou non dignes de confiance pour stocker du code ou des données. La confidentialité et l’intégrité de ces données peuvent être menacées par des attaques matérielles (espionnage de bus de communication entre le composant de calcul et le composant de stockage) ou logicielles. Ces attaques peuvent ainsi révéler des informations sensibles à l’adversaire ou perturber le bon fonctionnement du système. Dans cette thèse, nous nous sommes focalisés, dans le contexte des systèmes embarqués, sur les attaques menaçant la confidentialité et l’intégrité des données qui transitent sur le bus de communication avec la mémoire ou qui sont stockées dans celle-ci.Plusieurs primitives de protection de confidentialité et d’intégrité ont déjà été proposées dans la littérature, et notamment les arbres de Merkle, une structure de données protégeant efficacement l’intégrité des données notamment contre les attaques par rejeu. Malheureusement,ces arbres ont un impact important sur les performances et sur l’empreinte mémoire du système.Dans cette thèse, nous proposons une solution basée sur des variantes d’arbres de Merkle (arbres creux) et un mécanisme de gestion adapté du cache afin de réduire grandement l’impact de la vérification d’intégrité d’un espace de stockage non fiable. Les performances de cette solution ont été évaluées théoriquement et à l’aide de simulations. De plus, une preuve est donnée de l’équivalence, du point de vue de la sécurité, avec les arbres de Merkle classiques.Enfin, cette solution a été implémentée dans le projet SecBus, une architecture matérielle et logicielle ayant pour objectif de garantir la confidentialité et l’intégrité du contenu des mémoires externes d’un système à base de microprocesseurs. Un prototype de cette architecture a été réalisé et les résultats de l’évaluation de ce dernier sont donnés<br>During the past few years, computer systems (Cloud Computing, embedded systems...) have become ubiquitous. Most of these systems use unreliable or untrusted storage (flash, RAM...)to store code or data. The confidentiality and integrity of these data can be threaten by hardware (spying on the communication bus between the processing component and the storage component) or software attacks. These attacks can disclose sensitive information to the adversary or disturb the behavior of the system. In this thesis, in the context of embedded systems, we focused on the attacks that threaten the confidentiality and integrity of data that are transmittedover the memory bus or that are stored inside the memory. Several primitives used to protect the confidentiality and integrity of data have been proposed in the literature, including Merkle trees, a data structure that can protect the integrity of data including against replay attacks. However, these trees have a large impact on the performances and the memory footprint of the system. In this thesis, we propose a solution based on variants of Merkle trees (hollow trees) and a modified cache management mechanism to greatly reduce the impact of the verification of the integrity. The performances of this solution have been evaluated both theoretically and in practice using simulations. In addition, a proof a security equivalence with regular Merkle treesis given. Finally, this solution has been implemented in the SecBus architecture which aims at protecting the integrity and confidentiality of the content of external memories in an embedded system. A prototype of this architecture has been developed and the results of its evaluation are given